﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;

namespace LX.MVC.Open.Utility
{
    public class CustomAuthorizeAttribute: AuthorizeAttribute
    {
        /// <summary>
        /// 方法执行前，会执行以校验权限
        /// </summary>
        /// <param name="filterContext"></param>
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            //Console.WriteLine(filterContext.HttpContext);
            if(filterContext.ActionDescriptor.IsDefined(typeof(CustomAllowAnonymousAttribute), true))
            {
                return;
            }
            else if(filterContext.ActionDescriptor.ControllerDescriptor.IsDefined(typeof(CustomAllowAnonymousAttribute), true))
            {
                return;
            }
            else if(filterContext.HttpContext.Session["CurrentUser"] == null)//没有Session
            {
                filterContext.Result = new RedirectResult("~/First/Login");
            }
            else
            {
                string accountPassword = filterContext.HttpContext.Session["CurrentUser"].ToString();
                if (!accountPassword.Equals("hjw_123456"))//权限不对
                {
                    filterContext.Result = new RedirectResult("~/First/Login");
                }
            }

        }

    }
}